﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;

/// <summary>
/// Summary description for XL_SQL
/// </summary>
public class XL_SQL
{
	public XL_SQL()
	{
		//
		// TODO: Add constructor logic here
		//
	}
    public static string XL_SQL_Attack(String sql)
    {
        sql = sql.ToUpper();
        sql = sql.Replace("SELECT", "");
        sql = sql.Replace("INSERT", "");
        sql = sql.Replace("UPDATE", "");
        sql = sql.Replace("DELETE", "");
        sql = sql.Replace("TRUNCATE", "");
        sql = sql.Replace("CREATE", "");
        sql = sql.Replace("WHERE", "");
        sql = sql.Replace("FROM", "");
        return sql;
    }
}